Win32.Worm.Mabezat.Gen malicious file

Win32.Worm.Mabezat.Gen is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Win32.Worm.Mabezat.Gen virus do?

  • Sample contains Overlay data
  • Presents an Authenticode digital signature
  • Unconventional language used in binary resources: Arabic (Qatar)
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to determine Win32.Worm.Mabezat.Gen?


File Info:

name: 1FA6D53DD2D3F07030F1.mlw
path: /opt/CAPEv2/storage/binaries/a9b693d8898d47289d05b31ea92a5f901867537981aab96de8edaea09d474b00
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2021-02-24 22:54:40

Version Info:

CompanyName: Adobe Systems Incorporated
FileDescription: Adobe Acrobat Reader DC
FileVersion: 21.1.20142.424128
LegalCopyright: Copyright 1984-2021 Adobe Systems Incorporated and its licensors. All rights reserved.
ProductName: Adobe Acrobat Reader DC
ProductVersion: 21.1.20142.424128
OriginalFilename: AcroRd32.exe
Translation: 0x0409 0x04e4

Win32.Worm.Mabezat.Gen also known as:

Bkav: W32.Pharoh.PE
MicroWorld-eScan: Win32.Worm.Mabezat.Gen
CAT-QuickHeal: W32.Mabezat.B
Skyhigh: BehavesLike.Win32.Mabezat.wh
McAfee: W32/Mabezat.b.a
Malwarebytes: Generic.Malware.AI.DDS
Zillya: Worm.MabezatGen.Win32.2
Sangfor: Virus_Suspicious.Win32.Mabezat.b
K7AntiVirus: Virus ( 00001b7c1 )
K7GW: Virus ( 00001b7c1 )
Cybereason: malicious.dd2d3f
Baidu: Win32.Worm.Mabezat.a
VirIT: Win32.Mazebat.B
Symantec: W32.Mabezat.B!inf
Elastic: malicious (high confidence)
ESET-NOD32: Win32/Mabezat.A
APEX: Malicious
TrendMicro-HouseCall: PE_MABEZAT.B-1
ClamAV: Win.Trojan.Mabezat-2
Kaspersky: Worm.Win32.Mabezat.b
BitDefender: Win32.Worm.Mabezat.Gen
NANO-Antivirus: Virus.Win32.Mazebat.rspj
Avast: Win32:Agent-AVCE [Trj]
Tencent: Virus.Win32.Mabezat.a
Emsisoft: Win32.Worm.Mabezat.Gen (B)
F-Secure: Malware.W32/Mabezat
DrWeb: Win32.HLLW.Tazebama
VIPRE: Win32.Worm.Mabezat.Gen
TrendMicro: PE_MABEZAT.B-1
FireEye: Generic.mg.1fa6d53dd2d3f070
Sophos: W32/Mabezat-B
SentinelOne: Static AI – Malicious PE
MAX: malware (ai score=84)
Jiangmin: Win32/Mabezat.b
Google: Detected
Avira: W32/Mabezat
Varist: W32/Mabezat.A-2
Antiy-AVL: Worm/Win32.Mabezat.b
Kingsoft: Win32.Mabezat.b.1038191
Microsoft: Virus:Win32/Mabezat.B
Xcitium: Worm.Win32.Mabezat.b1@14o1bu
Arcabit: Win32.Worm.Mabezat.Gen
ViRobot: Win32.Mabezat.A
ZoneAlarm: Worm.Win32.Mabezat.b
GData: Win32.Worm.Mabezat.Gen
Cynet: Malicious (score: 100)
AhnLab-V3: Win32/Mabezat
Acronis: suspicious
VBA32: Worm.Win32.Mabezat.A
ALYac: Win32.Worm.Mabezat.Gen
TACHYON: Virus/W32.Mabezat
Cylance: unsafe
Panda: W32/Mabezat.C
Rising: Win32.Mabezat.b (CLASSIC)
Yandex: Worm.Mabezat.C
Ikarus: Trojan.Win32.Patched
MaxSecure: Virus.Mabezat.B
Fortinet: W32/Mabezat.B
BitDefenderTheta: AI:FileInfector.6898046816
AVG: Win32:Agent-AVCE [Trj]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (D)
alibabacloud: VirTool:Win/SignThief.A(dyn)

How to remove Win32.Worm.Mabezat.Gen?

Win32.Worm.Mabezat.Gen removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
